Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
None
-
VMs with lustre 2.14.53
-
3
-
9223372036854775807
Description
A tbf rule name length is limited to 16 characters (MAX_TBF_NAME).
This length is never checked. This can cause an overflow inside the following code:
static int nrs_tbf_rule_start(struct ptlrpc_nrs_policy *policy, struct nrs_tbf_head *head, struct nrs_tbf_cmd *start) { struct nrs_tbf_rule *rule; struct nrs_tbf_rule *tmp_rule; struct nrs_tbf_rule *next_rule; char *next_name = start->u.tc_start.ts_next_name; int rc; rule = nrs_tbf_rule_find(head, start->tc_name); if (rule) { nrs_tbf_rule_put(rule); return -EEXIST; } OBD_CPT_ALLOC_PTR(rule, nrs_pol2cptab(policy), nrs_pol2cptid(policy)); if (rule == NULL) return -ENOMEM; memcpy(rule->tr_name, start->tc_name, strlen(start->tc_name)); <---------------------
Attachments
Issue Links
- is related to
-
-
- Open
-
Activity
| Fix Version/s | New: Lustre 2.15.0 [ 14791 ] | |
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
"Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/45124/
Subject: LU-15056 nrs: length of a tbf rule should be checked
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 1937c6cd75a2346b353f4cb6aacda8d0b6df804d
"Etienne AUJAMES <eaujames@ddn.com>" uploaded a new patch: https://review.whamcloud.com/45124
Subject: LU-15056 nrs: length of a tbf rule should be checked
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 8c8f574b02c720607c9ca73493af3735a13f88b7
| Assignee | Original: WC Triage [ wc-triage ] | New: Etienne Aujames [ eaujames ] |
"Etienne AUJAMES <eaujames@ddn.com>" uploaded a new patch: https://review.whamcloud.com/46003
Subject:
LU-15056nrs: length of a tbf rule should be checkedProject: fs/lustre-release
Branch: b2_12
Current Patch Set: 1
Commit: 927f6af5564f5da839a4f2190379c6b091d872e1